Distributed packet group identification for network testing

ABSTRACT

There is disclosed a method, an apparatus, a computing device, and a storage medium for testing a network. A plurality of packets may be received. A packet group identification number for each packet may be determined by extracting two or more packet group identification fields from the packet, each packet group identification field located at a respective offset from one of a signature field, a start of the packet, a start of an IP header, and a start of a protocol header; and combining the two or more packet group identification fields to form the packet group identification number. The network testing system may measure, compile, and store performance statistics for packets having the same packet group identification number.

This patent claims priority from prior-filed non-provisional patentApplication No. 11/558,855, filed Nov. 10, 2006, and entitledDISTRIBUTED PACKET GROUP IDENTIFICATION FOR NETWORK TESTING, now U,S.Pat. No. 7,643,431.

NOTICE OF COPYRIGHTS AND TRADE DRESS

A portion of the disclosure of this patent document contains materialwhich is subject to copyright protection. This patent document may showand/or describe matter which is or may become trade dress of the owner.The copyright and trade dress owner has no objection to the facsimilereproduction by anyone of the patent disclosure as it appears in thePatent and Trademark Office patent files or records, but otherwisereserves all copyright and trade dress rights whatsoever.

BACKGROUND

1. Field of the Invention

This disclosure relates to network communications, packets, data units,and the transmission of and receipt of network traffic.

2. Description of the Related Art

Networks such as the Internet carry a variety of data communicated usinga variety of network devices including servers, routers, hubs, switches,and other devices. Before placing a network into use, the network andthe network devices, network media, network segments and networkapplications included therein, may be tested to ensure successfuloperation. Network media, segments, devices and applications may betested, for example, to ensure that they function as intended, complywith supported protocols, and can withstand anticipated traffic demands.Such testing may also be performed on already deployed network devices,network segments and network applications.

To assist with the construction, installation and maintenance ofnetworks, network segments, network applications and network devices,networks may be augmented with network analyzing devices, networkconformance systems, network monitoring devices, and network trafficgenerators, all of which are referred to herein as network testingsystems. The network testing systems may allow for analyzing theperformance of networks, network applications and network devices bycapturing, modifying, analyzing and/or sending network communications.

Network testing systems may send and receive a large amount of networktraffic and may establish and end many communication sessions. Networkinterface devices, units, cards, chips and the like within a networktesting system may perform much of the work in sending and receivingnetwork traffic and establishing and ending sessions. To track networkcommunications sent and received by network testing systems so thatnetwork devices may be tested, network communications are prepared withtest information. The functioning of a device under test may beevaluated based on review of the test information included in networkcommunications.

DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagram of an environment in which distributed packet groupidentification may be implemented.

FIG. 2 illustrates packet group identification fields contained within apacket.

FIG. 3 illustrates packet group identification fields contained within apacket.

FIG. 4 is a block diagram of an apparatus.

FIG. 5 is a flow chart of a process to determine a packet group IDnumber.

FIG. 6 is a flow chart of a process to determine a packet group IDnumber.

FIG. 7 is an example of a process to determine a packet group ID number.

DETAILED DESCRIPTION

Throughout this description, the embodiments and examples shown shouldbe considered as exemplars, rather than limitations on the apparatus andmethods disclosed or claimed.

Description of Apparatus

Referring now to FIG. 1, there is shown a block diagram of a networktesting environment 100. The environment includes network testing system110 coupled via a network card 120 to a network 140 over acommunications medium 144. The network testing system 110 may include orbe one or more of a performance analyzer, a conformance validationsystem, a network analyzer, a data unit blaster, a network managementsystem, a combination of these, and/or others. The network testingsystem may be used to evaluate and/or measure characteristics andperformance of a communication line or system, including the throughputof network traffic, the number of dropped data units, jitter, and manyothers. The network testing system may be used to evaluate theperformance of servers, networking devices such as, for example,routers, gateways, load sharers, and others, as well as networkapplication programs and other software.

The network testing system 110 may be in the form of a chassis or cardrack, as shown in FIG. 1, or may be an integrated unit. Alternatively,the network testing system may comprise a number of separate units suchas two or more chassis cooperating to provide network analysis, networkconformance testing, and other tasks. The chassis of the network testingsystem 110 may include one or more network cards 120 and a backplane112. The network cards 120 may be coupled with the backplane 112. One ormore network cards 120 may be included in the network testing system110. The network cards 120 may be permanently installed in the networktesting system 110, may be removable, or may be a combination thereof.

The network testing system 110 and/or one or more of the network cards120 may include an operating system such as, for example, versions of MSDOS, Microsoft Windows, Mac OS, Palm OS, Symbian OS, Unix or Linux.

Network card 120 is coupled with network 140 via a communications medium144. Although only one connection over communications medium 144 isshown, each of the network cards 120 may be connected with network 140over a communications medium. The communications medium may be, forexample, wire lines such as an Ethernet cable, fiber optic cable, orcoaxial cable, and may be wireless.

The network testing system 110 and the network cards 120 may support oneor more well known higher level communications standards or protocolsincluding the Hypertext Transfer Protocol (HTTP); may support one ormore well known lower level communications standards or protocols suchas, for example, the 10 and/or 100 Gigabit Ethernet standards, the FiberChannel standards, one or more varieties of the IEEE 802 Ethernetstandards, Sonet, CDMA, Asynchronous Transfer Mode (ATM), X.25,Integrated Services Digital Network (ISDN), token ring, frame relay,Point to Point Protocol (PPP), Fiber Distributed Data Interface (FDDI),Universal Serial Bus (USB), IEEE 1394 (also known as i.link® andFirewire®) and Bluetooth; may support proprietary protocols; and maysupport other protocols. Each network card 120 may support a singlecommunications protocol, may support a number of related protocols, ormay support a number or combination of unrelated protocols.

The term “network card” as used herein encompasses line cards, testcards, analysis cards, network line cards, load modules, interfacecards, network interface cards, data interface cards, data unit enginecards, service cards, smart cards, switch cards, relay access cards, CPUcards, port cards, and others. The network cards 120 may be referred toas blades, particularly when a processor is included on the networkcard. The network cards 120 may include one or more processors 124 andone or more network communications units 128.

The network communications unit 128 may be implemented as one or morefield programmable gate arrays (FPGA), application specific integratedcircuits (ASIC), programmable logic devices (PLD), programmable logicarrays (PLA), other kinds of devices, and combinations of these. Thenetwork communications unit 128 may support one or more communicationsprotocols in hardware. The network communications unit 128 may include anetwork interface through which the network card 120 may transmit and/orreceive communications over the network 140.

The backplane 112 may serve as a bus or communications medium for thenetwork cards 120. The backplane 112 may also provide power to thenetwork cards 120.

The network testing system 110 may have a computer coupled thereto (notshown). The computer may be local to or remote from the network testingsystem 110. In another embodiment, the network testing system 110 mayinclude a CPU on a card, motherboard or backplane that allows thechassis to also serve as a computer workstation. The network testingsystem 110 may have coupled therewith a display 118 and user inputdevices such as a keyboard 114 and a mouse 116, as well as other userinput devices including, for example, pens and trackballs. The userinput devices may be coupled to a network card, other card, motherboard,or the backplane 112.

The network testing system 110 may be implemented in a computer such asa personal computer, server, or workstation, as well as the chassisshown. The network testing system 110 may be used alone or inconjunction with one or more other network testing systems 110. Thenetwork testing system 110 may be located physically adjacent to and/orremote to the devices 130 in the network 140. The network testing system110 may be used to test and evaluate the network 140 and/or portionsthereof, network capable devices 130, application programs running onnetwork capable devices 130, and/or services provided by network 140and/or network capable devices 130.

The network 140 may be a local area network (LAN), a wide area network(WAN), a storage area network (SAN), or a combination of these. Thenetwork 140 may be wired, wireless, or a combination of these. Thenetwork 140 may include or may be the Internet. The network 140 may bepublic or private, may be a segregated test network, may be data unitswitched or circuit switched, and may be a combination of these. Thenetwork 140 may be comprised of a single or numerous nodes providingnumerous physical and logical paths for data units to travel.

Communications on the network 140 may take various forms, includingpackets, frames, cells, datagrams, data units, higher level logicalgroupings of data, or other units of information, all of which arereferred to herein as packets. Those packets that are communicated overa network are referred to herein as network traffic. The network trafficmay include packets that represent electronic mail messages, computerfiles, web pages, graphics, documents, audio and video files, streamingmedia such as music, video, telephone (voice) conversations, and others.

The network capable devices 130 may be devices capable of communicatingover the network 140 and/or listening to, injecting, delaying, dropping,and/or modifying network traffic on network 140. The network capabledevices 130 may be computing devices such as computer workstations,personal computers, servers, portable computers, set-top boxes, videogame systems, personal video recorders, telephones, personal digitalassistants (PDAs), computing tablets, and the like; peripheral devicessuch as printers, scanners, facsimile machines and the like; networkcapable storage devices including disk drives such as network attachedstorage (NAS) and storage area network (SAN) devices; testing equipmentsuch as analyzing devices, network conformance systems, emulationsystems, network monitoring devices, and network traffic generators; andnetworking devices such as routers, relays, firewalls, hubs, switches,bridges, traffic accelerators, and multiplexers. In addition, thenetwork capable devices 130 may include appliances such asrefrigerators, washing machines, and the like as well as residential orcommercial heating, ventilation, and air conditioning (HVAC) systems,alarm systems, and other devices or systems capable of communicatingover a network. One or more of the network capable devices 130 may bedevices to be tested and may be referred to as devices under test.

To communicate data units on the network 140, the network testing system110 may have various types of application programs, such as testapplications. Test applications have functions such as performanceanalysis, conformance validation, network analysis, packet blasting, andnetwork management

A test application may cause a network testing system to generate orreceive a large number of packets from the network or devices undertest. The test application may cause the network testing system tomeasure, compile and store performance statistics on the network ordevice under test, which will be referred to as the system under test(SUT). These performance statistics may include volume of trafficmeasures such as the total number of packets or bytes transmitted orreceived, quality measures such as the number of transmission failuresor bit error rates, or temporal measures such as the minimum, maximum,or average latency or response time of the SUT.

The test application may perform multiple tests on the same network ordevice, or on multiple networks or devices, concurrently. It may bedesired to measure and compile performance statistics on different testparameters, conditions, networks, or devices concurrently. To allow thecompilation of multiple sets of performance statistics, received packetsmay be organized into packet groups, where a packet group is defined asa plurality of packets to be measured by a common set of performancestatistics. For example, a packet group may be a plurality of packetssent to, through, or from a specific device or address on the networkunder test. A packet group may alternatively be referred to as a packetflow or session.

In order to maintain performance statistics on multiple packet groupsconcurrently, the test system must be able to segregate received packetsinto the appropriate packet groups. One method for segregating packetsis to assign a packet group identification number to each packet group,and then embed the appropriate packet group identification number withineach packet. U.S. Pat. No. 6,717,917, entitled “Real-Time Latency”,describes a method for accumulating multiple sets of performancestatistics on packet groups segregated by means of a packet groupidentification (PGID) field within each packet. However, a single PGIDfield lacks flexibility for designing and performing tests on complexnetworks.

Referring now to FIG. 2, a packet 200 received by a networking testingsystem has a start 250 and an end, and may contain a fixed or variablenumber of bytes or bits of information. The packet 200 may contain afirst PGID field 210, a second PGID field 220, and optionally a thirdPGID field 230. The packet 200 may include additional PGID fields. Thefirst, second, and third PGID fields 210, 220, 230 may be located withinthe packet 200 by respective offsets 215, 225, 235, from the start 250of the packet 200. The first, second, and third PGID fields 210, 220,230 may be located within the packet 200 by respective offsets from thestart of an IP header or from the start of a protocol (TCP, UDP orother) header. The offsets may be measured in bits, bytes, or some othermeasure. Other techniques may be used for locating the first, second,third, and additional PGID fields within the packet. The PGID fields maybe located in any order or position within the packet, and may overlapother PGID fields. Different offsets or techniques may be used to locateeach of the first, second, and third PGID fields.

A PGID field may be a specific field inserted in a packet solely toidentify a packet as a member of a specific packet group for testpurposes. A PGID field may also serve an additional purpose within thepacket. For example, a PGID field may comprise all or a portion of aheader field, an IP address field, a VLAN (Virtual Local Area Network)Tag, or a MPLS (Multiprotocol Label Switching) label.

Still referring to FIG. 2, the packet 200 may also contain a signaturefield 240, offset from the start of the packet by a signature offset245. The signature field 240 may be validated, or compared to a knownvalue. The signature field 240 may be masked prior to validation suchthat only selected, unmasked, bits are compared to the known values forthose bits. Packets with invalid signatures may be excluded, or notconsidered, when accumulating test statistics.

Some network transmission protocols, such as MPLS, add or stack labelsor fields at the head end of packets during transmission through variousdevices on a network. With these protocols, it may not be possible tolocate the PGID fields by means of an offset from the start of thepacket without first evaluating and stripping fields added to the frontend during transmission. In these and other cases, a method described inco-pending U.S. patent application Ser. No. 11/284,622, entitled“Varying the position of test information in data units”, may be used tolocate a signature field which, in turn, may be used to locate a PGIDfield.

Referring to FIG. 3, a packet 300 may contain a first PGID field 310, asecond PGID field 320, and optionally a third PGID field 330. The packet300 may also contain a signature field 340 offset from the start of thepacket by a signature field offset 345. The position of the signaturefield 340 within the packet 300 may vary such that the offset 345 of thesignature field 340 from the start of the packet may not be known. Sincethe position of the signature field 340 is not known, the signaturefield 340 may be identified by correlating the received bit stream withthe known value of the signature field 340. In this case the signaturefield 340 may be 12 bytes in length or some other length sufficient toensure unique recognition. Once the signature field 340 has beenidentified, the first, second, and third PGID fields 310, 320, 330 canbe located by means of respective offsets 315, 325, 335 from the end (orstart) of the signature field 340.

The methods for locating the PGID fields of FIG. 2 and FIG. 3 may becombined. One or more PGID fields may be located by means of respectiveoffsets from the start of the packet, the IP header, the protocolheader, or other PGID fields, and one or more PGID fields may be locatedby means of respective offsets from a variable-position signature field.Other methods for defining the PGID field locations within a packet mayalso be used. Any method that allows recovery of the PGID fields may beused.

The hardware, firmware, and software components of the network testingsystem 110 may include various specialized units, circuits, software andinterfaces for recovering the packet group identification number andsignature field within received packets. Referring to FIG. 4, thenetwork testing system 110 may include a receiver unit 410, a packetgroup identification unit 420, an optional signature field validationunit 430, and a performance statistics unit 440. Each of these units maybe comprised of hardware, firmware, and software operating on aprocessor as required to implement the functions of the unit. The unitsmay not be physically distinct. Hardware, firmware, and softwareportions of a given unit may be shared with other units or functions ofnetwork testing system 110.

The receiver unit 410 may receive packets as a bit-serial data streamfrom an optical or electrical communications medium 144. The receiverunit 410 may include an optical detector and circuitry to convert anoptical signal to electrical form. The receiver unit 410 may alsoinclude circuitry to amplify a received signal, to recover a clockembedded in the received bit-serial data stream, and to remove redundantcoding. The receiver unit may also include circuitry to partiallyconvert the bit-serial information into parallel form. The receivedpackets may be transferred to the packet group identification unit 420and the signature field validation unit 430 as a bit-serial, byte-serial(8 bits in parallel) or word-serial (16 or 32 bits in parallel) datastream.

The packet group identification unit 420 may include circuitry,firmware, and software to locate packet group identification fieldswithin the data stream transferred from the receiver unit 410. Thepacket group identification unit 420 may also include circuitry toextract and temporarily store the packet group identification fields,and to combine the packet group identification fields to form a packetgroup identification number that identifies each received packet as amember of a specific packet group. The function of the packet groupidentification unit will be more fully explained in the subsequentdiscussion of processes.

The signature field validation unit 430 may include circuitry, firmware,and software to locate a signature identification field within the datastream transferred from the receiver unit 410. The signature fieldvalidation unit 430 may locate the signature field by means of a knownoffset, or may locate the signature field by correlating the data streamwith the expected signature field value. The signature field validationunit 430 may also include circuitry, firmware, or software to validatethe signature field by comparing the content of the signature with anexpected value.

The performance statistics unit 440 may include circuitry, firmware, andsoftware to measure, compile, and store performance statistics on thenetwork, unit or system under test, as previously described. Theperformance statistics unit 440 may compile performance statistics forpacket groups identified by the packet group numbers formed by thepacket group identification unit. The performance statistics unit 440may measure and compile performance statistics only for packets withvalid signature fields.

The functions of packet group identification logic 420, the signaturefield validation logic 430, and the performance statistic processor 440may be performed in whole or in part by the network communications unit128 (referring back to FIG. 1) or other hardware on a network card 120.The other hardware may be implemented as analog circuitry, digitalcircuitry, one or more field programmable gate arrays (FPGA),application specific integrated circuits (ASIC), programmable logicdevices (PLD), programmable logic arrays (PLA), other kinds of devices,and combinations of these.

The functions of packet group identification logic 420, the signaturefield validation logic 430, and the performance statistic processor 440may be performed in whole or in part in software that operates on acomputing device. The computing device may be a processor 124 on anetwork card 120 or may be an external computing device connected to thenetwork testing system 110. The software may take the form of firmware,an application program, an applet (e.g., a Java applet), a browserplug-in, a COM object, a dynamic linked library (DLL), a script, one ormore subroutines, a device driver, or an operating system component orservice. The computing device may include a processor, a memoryoperatively coupled to the processor, and a storage device. The storagedevice may store instructions that, when executed, cause the computingdevice to perform, at least in part, the processes and provide thefunctionality described here. The instructions may be stored on aremovable or fixed storage medium. The hardware and software of thecomputing device may be distributed.

Additional and fewer units, modules or other arrangement of software,hardware and data structures may be used to achieve the systems anddevices described herein.

Description of Processes

Referring now to FIG. 5, the process for forming a packet groupidentification number 550 starts with extracting a first PGID field 510,a second PGID field 520, and optionally a third PGID field 530 from areceived packet. The first, second, and, optionally, third PGID fieldsmay be combined by combination logic 540 to generate a single PGIDnumber 550 for each packet. The combination logic 540 may perform one ormore logical or mathematical operations on the first, second, andoptional third PGID fields to generate the PGID number 550. Within thisdescription and the subsequent claims, the term logic is intended toencompass both the process and the hardware, firmware, and software thatperforms the logical or mathematical operations. The process of FIG. 5is consistent with a Packet Group Identification Unit 420 as previouslyshown in FIG. 4.

FIG. 6 is a flow chart of an exemplary embodiment of the combinationlogic 510. A first PGID mask 612 is applied to a first PGID field 610.Within this description, applying a mask means that bits of the mask areused to determine, on a bit-by-bit basis, which bits of a PGID field aremasked or discarded, and which bits are unmasked (retained) and used togenerate a PGID number 650. The first PGID mask 612 has the same bitlength as the first PGID field 610. For example, a “0” in a given bitposition in the first PGID mask 612 may indicate that the correspondingbit of the first PGID field 610 will be unmasked and used, while a “1”in a given bit position in the first PGID mask 612 may indicate that thecorresponding bit in the first PGID field 610 will be masked anddiscarded. The opposite convention (“0”=masked) could also be used. Thefirst PGID mask 612 may contain a total of “X” bits set to zero, where Xhas value between zero and the number of bits in the first PGID mask.Applying the first PGID mask with X bits set to zero will result in Xunmasked bits in the first PGID field 610. The X unmasked bits in thefirst PGID field 610 may be compressed, or shifted, into the lowest Xbit positions in a first compressed PGID field 615.

Similarly, a second PGID mask 622 having Y bits set to zero may beapplied to a second PGID field 620 and the unmasked bits may becompressed to form a Y-bit compressed second PGID field 625. A thirdPGID mask 632 having Z bits set to zero may be applied to a third PGIDfield 630 and the unmasked bits may be compressed to form a Z-bitcompressed third PGID field 635. Finally, the PGID number 650 may begenerated by concatenating the X bits from the compressed first PGIDfield 615, the Y bits from the compressed second PGID field 625, and theZ bits from the compressed third PGID field 635. Zeros may be added inone or more most significant bits positions 640 as needed to completethe desired bit width of the PGID number 650.

The width, in bits, of the first, second, and third PGID fields may beselected for convenience and compatibility with the network transmissionprotocols, and need not be the same. The hardware and software of thenetwork testing system may not necessarily support or require the fullwidth of the PGID fields. For example, the width of the PGID fields maybe 32 bits for convenience, but a network testing system may not becapable of supporting 2³² distinct packet groups. Thus the PGID numberrequired by the network testing system may have a smaller number of bitsthan the number of bits in the original PGID fields. Currently availablenetwork testing systems may utilize a PGID number having 16, 17, or 21bits.

FIG. 7 is an illustrative example of a method for generating a PGIDnumber. In this example, a first PGID field 710 and a counterpart firstPGID mask 712 are 32 bits in width, which may be conventionally numberedfrom bit 0 to bit 31. The first PGID mask 712 and the first PGID field710 are each shown as eight hexadecimal digits. The first PGID mask 712has all of its bits sets to one (hexadecimal “F”=binary “1111”) exceptfor the second and third least significant digits (bits 4-11) which areset to zero. When applied to the first PGID field 710, the first PGIDmask 712 leaves the second and third digits of PGID field 710 unmasked.These digits are shifted to the least significant positions in a firstmasked compressed PGID field 715.

Similarly, the application of a second PGID mask 722 to a second PGIDfield 720 leaves the first third, and sixth digits of the second PGIDfield 720 unmasked. These digits are then compressed into the threeleast significant digits of a second masked compressed PGID field 725.In the same manner, the first and fourth digits of a third PGID field730 are compressed into a third masked compressed PGID field 735. Theunmasked digits from the three masked compressed PGID fields are thenconcatenated to form a PGID number 750.

It should be recognized that the step of compressing the unmasked digitsto form the compressed PGID fields is a useful convenience fordescribing the process of generating the PGID number. In practice, thenetwork testing system may concatenate the unmasked bits from two orthree PGID fields without necessarily forming the intermediatecompressed PGID fields. It should also be recognized that, while themethod was conveniently described in terms of hexadecimal digits, anynumber and sequence of bits may be left unmasked in each of the two orthree PGID fields.

Closing Comments

The foregoing is merely illustrative and not limiting, having beenpresented by way of example only. Although examples have been shown anddescribed, it will be apparent to those having ordinary skill in the artthat changes, modifications, and/or alterations may be made.

Although many of the examples presented herein involve specificcombinations of method acts or system elements, it should be understoodthat those acts and those elements may be combined in other ways toaccomplish the same objectives. With regard to flowcharts, additionaland fewer steps may be taken, and the steps as shown may be combined orfurther refined to achieve the methods described herein. Acts, elementsand features discussed only in connection with one embodiment are notintended to be excluded from a similar role in other embodiments.

For any means-plus-function limitations recited in the claims, the meansare not intended to be limited to the means disclosed herein forperforming the recited function, but are intended to cover in scope anymeans, known now or later developed, for performing the recitedfunction.

As used herein, “plurality” means two or more.

As used herein, a “set” of items may include one or more of such items.

As used herein, whether in the written description or the claims, theterms “comprising”, “including”, “carrying”, “having”, “containing”,“involving”, and the like are to be understood to be open-ended, i.e.,to mean including but not limited to. Only the transitional phrases“consisting of” and “consisting essentially of”, respectively, areclosed or semi-closed transitional phrases with respect to claims.

Use of ordinal terms such as “first”, “second”, “third”, etc., in theclaims to modify a claim element does not by itself connote anypriority, precedence, or order of one claim element over another or thetemporal order in which acts of a method are performed, but are usedmerely as labels to distinguish one claim element having a certain namefrom another element having a same name (but for use of the ordinalterm) to distinguish the claim elements.

As used herein, “and/or” means that the listed items are alternatives,but the alternatives also include any combination of the listed items.

1. A method for testing a network, comprising: a network testing systemcoupled to the network receiving a plurality of packets the networktesting system determining a packet group identification number for eachof the plurality of received packets, wherein determining a packet groupidentification number for a packet comprises: determining a location ofa signature field within the packet by correlating the packet with aknown value of the signature field extracting a first packet groupidentification field based on the location of the signature fieldextracting a second packet group identification field from a header ofthe packet combining the first packet group identification field and thesecond packet group identification field to form the packet groupidentification number the network testing system measuring, compiling,and storing performance statistics for packets having the same packetgroup identification number.
 2. The method of testing a network of claim1, wherein combining the first packet group identification field and thesecond packet group identification field further comprises: applying afirst packet group identification mask to the first packet groupidentification field applying a second packet group identification maskto the second packet group identification field concatenating theunmasked bits of the first packet group identification field and theunmasked bits of the second packet group identification field to formthe packet group identification number.
 3. The method of testing anetwork of claim 1, further comprising validating the signature fieldprior to determining the packet group identification number.
 4. Atraffic receiver, comprising: a receiver unit to receive packets asignature field validation unit comprising logic determine a location ofa signature field within the packet by correlating the packet with aknown value of the signature field a packet group identification unit todetermine a packet group identification number for each packet,comprising: logic to extract a first packet group identification fieldbased on a location of the signature field logic to extract a secondpacket group identification field from a header of each packet logic tocombine the first packet identification field and the second packetgroup identification field to form a packet group identification numberfor each packet.
 5. The traffic receiver of claim 4, further comprising:a performance statistics unit to measure, compile, and store performancestatistics for packets having the same packet group identificationnumber.
 6. The traffic receiver of claim 4, wherein the logic to combinethe first packet group identification field and the second packet groupidentification field further comprises: logic to apply a first packetgroup identification mask to the first packet group identification fieldlogic to apply a second packet group identification mask to the secondpacket group identification field logic to concatenate the unmasked bitsof the first packet group identification field and the unmasked bits ofthe second packet group identification field to form the packet groupidentification number.
 7. The traffic receiver of claim 4, wherein thesignature field validation unit comprises logic to validate thesignature field the signature field is validated prior to the packetgroup identification unit determining the packet group identificationnumber.
 8. A computing device for testing a network, comprising: aprocessor memory coupled to the processor a storage device storinginstructions which, when executed by the processor, cause the computingdevice to perform actions comprising: receiving a plurality of packetsvia a network determining a packet group identification number for eachof the plurality of received packets, wherein determining a packet groupidentification number for a packet comprises: determining a location ofa signature field within the packet by correlating the packet with aknown value of the signature field extracting the first packet groupidentification field based on a location of the signature fieldextracting a second packet group identification field from a header ofthe packet combining the first packet group identification field and thesecond packet group identification field to form the packet groupidentification number measuring, compiling, and storing performancestatistics for packets having the same packet group identificationnumber.
 9. The computing device of claim 8, wherein combining the firstpacket group identification field and the second packet groupidentification field further comprises: applying a first packet groupidentification mask to the first packet group identification fieldapplying a second packet group identification mask to the second packetgroup identification field concatenating the unmasked bits of the firstpacket group identification field and the unmasked bits of the secondpacket group identification field to form the packet groupidentification number.
 10. The computing device of claim 8, the actionsperformed further comprising validating the signature field prior todetermining the packet group identification number.
 11. A machinereadable non-transitory storage medium storing instructions which, whenexecuted, cause a computing device to perform actions comprising:receiving a plurality of packets via a network determining a packetgroup identification number for each of the plurality of receivedpackets, wherein determining a packet group identification number for apacket comprises: determining a location of a signature field within thepacket by correlating the packet with a known value of the signaturefield extracting a first packet group identification field based on alocation of the signature field extracting a second group identificationfield from a header of the packet combining the first packet groupidentification field and the second packet group identification field toform the packet group identification number measuring, compiling, andstoring performance statistics for packets having the same packet groupidentification number.
 12. The machine readable non-transitory storagemedium of claim 11, wherein combining the first packet groupidentification field and the second packet group identification fieldfurther comprises: applying a first packet group identification mask tothe first packet group identification field applying a second packetgroup identification mask to the second packet group identificationfield concatenating the unmasked bits of the first packet groupidentification field and the unmasked bits of the second packet groupidentification field to form the packet group identification number. 13.The machine readable non-transitory storage medium of claim 11, theactions performed further comprising validating the signature fieldprior to determining the packet group identification number.